News

Security Experts Say That USB Security is Fundamentally Broken

The common USB stick has become the most common way of sharing and storing files on-the-go. With this in mind, a variety of malware and viruses were created in an attempt to take control of computers who do not have any security measures installed, such as antivirus software. Other means of ‘cleaning’ an USB drive would be to format its content, leading to every file being deleted along with any malware and virus program that might be present on the drive.

However, two security researchers state that security problems with USB drives run deeper than expected. They state that the “risk isn’t just in what they carry, it’s built into the core of how they work.” This is why security researchers Karsten Nohl and Jakob Lell plan to present a proof-of-concept malicious software by the name of BadUSB which is stated to highlight that USB devices have long been fundamentally broken.

BadUSB can be installed on a USB device to completely take over a PC silently, alter files and even redirect the user’s internet traffic. The malware is said to be installed on the flash drive’s firmware and not the memory, which means that the code can remain hidden long after the flash memory has been erased. Also, the researchers state that there is no easy fix for the vulnerability. They say that the USB stick needs to be blocked from sharing its content with the system or, plainly said, the USB drive needs to be physically removed to stop the infection.

“You can give it to your IT security people, they scan it, delete some files, and give it back to you telling you it’s ‘clean,’” says Nohl. But unless the IT guy has the reverse engineering skills to find and analyze that firmware, “the cleaning process doesn’t even touch the files we’re talking about.”

It is said that the vulnerability is not limited to USB drives. All sort of USB devices, spanning from keyboards to smartphones and even cameras can have their firmware reprogrammed with the malware in question. The researchers have stated that they used the BadUSB program on an Android device, having a “grab bag of evil tricks” happening as a result. Nohl and Lell tell that it replaced software being installed with a corrupted or backdoored version and even impersonated a USB keyboard that suddenly started typing commands.

The researchers tell that the infection can travel both from a computer to the USB and the other way around. Matt Blaze, a computer science professor from the University of Pennsylvania, is also aware of the shallow security veil that USB drives present. He also speculates that the NSA could have made a common practice out of infecting USB devices using this approach.

Matt points to a spying device by the name of ‘Cottonmouth’, which has been revealed in one of Edward Snowden’s leaks. The device, which hid in a USB peripheral plug, was advertised in a collection of NSA internal documents as surreptitiously installing malware on a target’s machine. However, the exact mechanism for that USB attack wasn’t described.

Thank you Wired for providing us with this information
Image courtesy of Wired

Gabriel Roşu

Disqus Comments Loading...

Recent Posts

Helldivers II Adds Killzone 2 Collaboration

Despite Helldivers II's popularity, fans have long felt the game lacked collaborations. Nearly a year…

13 mins ago

Call of Duty: Black Ops 6 Anti-Cheat System Didn’t Perform Well, TeamRICOCHET Admits

The anti-cheat system in Call of Duty: Black Ops 6 and Warzone has not met…

27 mins ago

NVIDIA’s New App Causes Game Slowdowns: Here’s How to Fix

The NVIDIA app, which recently replaced GeForce Experience, has gained popularity for its revamped interface…

36 mins ago

AMD May Launch Ryzen 5 9600 Non-X Variant in Late January 2025

AMD is gearing up to expand its CPU lineup in early 2025, with recent leaks…

42 mins ago

AMD Ryzen AI 7 350 from Upcoming Kraken Point Series Spotted on PassMark

Following the leak of AMD's flagship laptop CPU, another processor from the AMD Kraken Point…

56 mins ago

DeepCool Launches ASSASSIN IV VC VISION CPU Cooler

DeepCool has just announced the ASSASSIN IV VC VISION CPU cooler, the latest in its…

5 hours ago